Latest News: (loading..)
Issue Information
-
#000369
-
0 - None Assigned
-
New
-
3.0.2
-
-
Issue Confirmations
-
Yes (0)No (0)
0
Hello,
I just have an idea about filtering the datas.
We are using the function tep_db_prepare_input to filtering datas in v2.x series.
I think with OSCOM3 we start to new generation coding. We are using the functions of PHP5 futures. So maybe we can use more useful PHP5 functions in OSCOM3.
For example, we can make it better the filtering with filter_input.
a small example here:
OR check with one line:
Here is the simple article about filter_var, if anyone want to get information about filter_var.
http://devzone.zend.com/article/1113
I just have an idea about filtering the datas.
We are using the function tep_db_prepare_input to filtering datas in v2.x series.
I think with OSCOM3 we start to new generation coding. We are using the functions of PHP5 futures. So maybe we can use more useful PHP5 functions in OSCOM3.
For example, we can make it better the filtering with filter_input.
a small example here:
$_GET['products_id']
if (isset($_GET['products_id'])) {
if (is_numeric($_GET['products_id'])) {
$int = (int)$_GET['products_id'];
if ($int > 0) {
.........
OR check with one line:
$int = filter_input(INPUT_GET, 'products_id', FILTER_VALIDATE_INT);
if (false!==$int) {
Here is the simple article about filter_var, if anyone want to get information about filter_var.
http://devzone.zend.com/article/1113
